package com.hfzy.ihk.web.userCenter.conf;


import com.hfzy.ihk.common.web.context.SessionThreadContextFilter;
import com.hfzy.ihk.common.web.security.MyUsernamePasswordAuthenticationFilter;
import com.hfzy.ihk.web.userCenter.support.security.UserDetailsServiceImpl;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.RememberMeAuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.*;
import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder;
import org.springframework.security.web.authentication.*;
import org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter;
import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;
import org.springframework.security.web.session.SessionManagementFilter;

import java.util.HashMap;
import java.util.Map;

/**
 * Created by chenzesen on 2019/1/2.
 * <p>
 * 各自项目维护自己的conf 主要是用来加一些不用拦截的路径，其他不用再配置,
 * 暂不了解security oauth2 的只管添加不校验路径就OK，其他不用该（中心配置在依赖模块 oauth-client 中配置）
 *
 * @author chenzesen
 */
@Configuration
@Slf4j
@Order(99)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * 忽略静态文件
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/frame/**", "/images/**", "/css/**", "/js/**", "/video/**", "/**/favicon.ico");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        //放开该路径
        http.requestMatchers().antMatchers("/myTest/test/**","/users/queryUserListByIds/**","/users/querySimpleUserInfo/**").and().authorizeRequests().antMatchers("/myTest/test/**","/users/queryUserListByIds/**")
                .permitAll(); //其他所有需要验证
    }


}
